CNNVD-202512-817 Information

CNNVD ID

CNNVD-202512-817

Related CVE

CVE-2025-14199

• CNNVD Published: 2025-12-07

Description (Chinese)

Verysync是中国微力同步（Verysync）公司的一个私人文件同步和备份软件。 Verysync 2.21.3及之前版本存在代码问题漏洞，该漏洞源于组件Web Administration Module中文件/rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false的错误操作，可能导致无限制上传。

Description (English)

Verysync is a private file synchronization and backup software for Verysync. Verysync 2.21.3 and previous versions had a code problem loophole, which originated from document/rest/f/api/resources/f9696966469e7be39d/tmp/text.txt?override=false in component WebAdmination Module, and could lead to unrestricted uploading.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

微力同步

Published

2025-12-07

Last Modified

2026-02-24

References

https://vuldb.com/?submit.699539 https://github.com/jjjjj-zr/jjjjjzr/issues/10 https://vuldb.com/?id.334619 https://vuldb.com/?ctiid.334619 https://access.redhat.com/security/cve/cve-2025-14199